How do I configure attack-detection mode for a server or a server group?

Solution

Overview

The ProxySG prevents an attack on a server or a server group by limiting the number of simultaneous connection requests to the server or server group. When you enable attack detection for servers, the ProxySG maintains a counter (server request limit) for incoming connection requests. When the number of simultaneous requests exceeds this counter, it triggers the server request limit exceeded threshold. At this threshold, the maximum number of inbound connections that the ProxySG permits to any server or server group, the ProxySG blocks further incoming requests. This action prevents the server from being overwhelmed and thereby preempts the server from becoming unresponsive or crashing.

When the server request limit exceeded threshold is reached, the Web browser displays an HTTP 503, “Server not reachable” response to the user.

To add a server or create a server group:

At the (config) prompt enter the following commands:

SGOS#(config) attack-detection

SGOS#(config attack-detection) server

The prompt changes to SGOS#(config server)

You must add a server/create a server group before you can make changes to the configuration. Create the first host in a server group, using the fully qualified domain name:

SGOS#(config server) create hostname

To edit a server or server group:

SGOS#(config server) edit hostname

The prompt changes to (config server hostname).

SGOS#(config server hostname) {add | remove} hostname

Remember to use the fully qualified domain name for each server that you add. For example, to add a couple servers to the bluecoat.com server group enter the following commands: